How severe is CVE-2007-0008?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2007-0008?

This is classified as CWE-189, which is a common weakness in software security.

CVE-2007-0008 - MEDIUM Severity | CVSS 6.8

Vulnerability Description

Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow.

Related Vulnerabilities

CVE-2015-8396

CRITICAL

CVSS:10.0(Critical)

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitr...

CWE-1892015

CVE-2007-1383

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destro...

CWE-1892007

CVE-2011-2013

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by s...

CWE-1892011

CVE-2014-9766

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code ...

CWE-1892014

CVE-2016-0859

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC ...

CWE-1892016

CVE-2016-10145

CRITICAL

CVSS:9.8(Critical)

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.

CWE-1892016